From: Tim van der Staaij <git@tim.vanderstaaij.email>
To: "musl" <musl@lists.openwall.com>
Subject: [musl] [PATCH] crypt: support $2b$ prefix for blowfish
Date: Thu, 15 Oct 2020 21:56:56 +0200 [thread overview]
Message-ID: <1752dd63ca0.f45c706c130962.3068699904194055827@tim.vanderstaaij.email> (raw)
In-Reply-To:
2b is functionally equivalent to 2y, i.e. no known bugs at this time.
openbsd, which created the original bcrypt implementation,
and several other implementations use this prefix since 2014:
https://marc.info/?l=openbsd-misc&m=139320023202696
---
src/crypt/crypt_blowfish.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/src/crypt/crypt_blowfish.c b/src/crypt/crypt_blowfish.c
index d3f79851..a5feffe7 100644
--- a/src/crypt/crypt_blowfish.c
+++ b/src/crypt/crypt_blowfish.c
@@ -533,6 +533,7 @@ static void BF_set_key(const char *key, BF_key expanded, BF_key initial,
* Valid combinations of settings are:
*
* Prefix "$2a$": bug = 0, safety = 0x10000
+ * Prefix "$2b$": bug = 0, safety = 0
* Prefix "$2x$": bug = 1, safety = 0
* Prefix "$2y$": bug = 0, safety = 0
*/
@@ -600,7 +601,7 @@ static char *BF_crypt(const char *key, const char *setting,
char *output, BF_word min)
{
static const unsigned char flags_by_subtype[26] =
- {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ {2, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 4, 0};
struct {
BF_ctx ctx;
@@ -748,7 +749,7 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
const char *test_setting = "$2a$00$abcdefghijklmnopqrstuu";
static const char test_hash[2][34] =
{"VUrPmXD6q/nVSSp7pNDhCR9071IfIRe\0\x55", /* $2x$ */
- "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2y$ */
+ "i1D709vfamulimlGcq0qq3UvuUasvEa\0\x55"}; /* $2a$, $2b$, $2y$ */
char *retval;
const char *p;
int ok;
@@ -777,14 +778,14 @@ char *__crypt_blowfish(const char *key, const char *setting, char *output)
ok = (p == buf.o &&
!memcmp(p, buf.s, 7 + 22) &&
!memcmp(p + (7 + 22),
- test_hash[buf.s[2] & 1],
+ test_hash[buf.s[2] != 'x'],
31 + 1 + 1 + 1));
{
const char *k = "\xff\xa3" "34" "\xff\xff\xff\xa3" "345";
BF_key ae, ai, ye, yi;
BF_set_key(k, ae, ai, 2); /* $2a$ */
- BF_set_key(k, ye, yi, 4); /* $2y$ */
+ BF_set_key(k, ye, yi, 4); /* $2b$, $2y$ */
ai[0] ^= 0x10000; /* undo the safety (for comparison) */
ok = ok && ai[0] == 0xdb9c59bc && ye[17] == 0x33343500 &&
!memcmp(ae, ye, sizeof(ae)) &&
--
2.23.0
next reply other threads:[~2020-10-15 20:08 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-15 19:56 Tim van der Staaij [this message]
2020-10-15 20:32 ` Solar Designer
2020-10-15 20:59 ` Tim van der Staaij
2020-10-17 19:27 ` Solar Designer
2020-10-18 8:57 ` Julien Ramseier
2020-10-18 14:51 ` Tim van der Staaij
2020-10-18 16:12 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1752dd63ca0.f45c706c130962.3068699904194055827@tim.vanderstaaij.email \
--to=git@tim.vanderstaaij.email \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).